-
Notifications
You must be signed in to change notification settings - Fork 0
updating binary
You will learn how to build, install, and restart update-ipsets with minimal downtime.
make buildThis produces the update-ipsets binary in the project root.
./install.shThe install script:
- Installs UI dependencies, rebuilds the UI bundle, and builds the Go binary
- Copies it to the installation directory (default
/opt/update-ipsets/bin/) - Deploys the configuration catalog
- Installs or updates the systemd unit
- Creates a timestamped backup of the previous configuration if it changed
sudo systemctl restart update-ipsetsThe restart is fast. The daemon loads configuration, checks for recoverable staged state, and starts serving. Startup does not wait for full catalog processing or integrity scans.
The daemon restarts quickly — typically under a second. If you have a reverse proxy in front of update-ipsets, the proxy's health check against /healthz detects the brief unavailability and retries.
For true zero-downtime, run two instances behind a load balancer and restart them one at a time.
Check that the new version is running:
update-ipsets versionThe public status endpoint does not expose the build version. To check that the daemon is running after restart:
curl -s http://localhost:18888/api/v1/status | jq '{running: .engine.running, sources: .engine.source_count, uptime: .system.uptime}'install.sh creates a timestamped backup of the previous configuration directory when it detects changes. Backups are stored alongside the active configuration:
/opt/update-ipsets/etc/config.bak.20250501120000/
To roll back the configuration:
sudo rm -rf /opt/update-ipsets/etc/config
sudo mv /opt/update-ipsets/etc/config.bak.20250501120000 /opt/update-ipsets/etc/config
sudo systemctl restart update-ipsetsWhen the installed config directory differs from the repository catalog, install.sh backs up the whole active config directory and replaces it with configs/firehol/.
To preserve local edits across updates, keep a patch or a copy of your modified files outside the config directory, then reapply it after the reinstall.
- Daemon Command Reference
- Environment Variables
- Configuration Reload
- Listener Topologies
- Admin Authentication
- Feed Families
- Source Feeds
- Processor Reference
- Static Feeds
- Merge Feeds
- Artifact Parents
- History Derivatives
- Provider Databases
- Use Roles
- Critical Infrastructure Reference Feeds
- Legal Fields
- Feed Visibility & Lifecycle
- YAML Field Reference
- Pipeline Overview
- Download Lifecycle
- Processing Lifecycle
- Feed Status Reference
- Health Classes
- What Triggers Reprocessing
- Accessing the Admin
- Runtime Status
- Feed Inventory
- Artifact Inventory
- Live Queues
- Background Work
- Schedule State
- Operator Actions
- Enable & Disable